I am wary of using online banking and brokerage services, but I would like to use them for the convenience. With basic notebook computers now costing $300 and less, I am thinking of getting one to be used solely for financial transactions. No
emailing, browsing, Facebooking, etc. Ideally, I want it to connect only to a
short list of financial websites and have no contact in or out with any
others. What would be the best way to do this? What other safety measures
should I use? After all, it is one thing to have an email account hacked, but
my retirement account is something else again.

•

There are a number of approaches that you can take - getting a dedicated machine is certainly one.

There are a variety of thoughts on how best to do this. Most add at least a
layer of inconvenience and some become downright impractical, at least to me.

Much, of course, depends on your own level of concern and realistic
confidence in your own abilities.

•

Boot from a live Linux CD

This is the solution that I hear thrown about most often.

The approach is very, very simple: download a "live" Linux boot CD - I would
recommend Ubuntu Linux as being
very capable and popular. Then, simply reboot your existing machine from that
CD. ("Live" refers to the fact that it is bootable, and boots into a working or
"live" copy of the operating system without any install required.)

"Each time that you boot from the CD,
you're starting with a completely clean slate."

Once booted, you'll be running in Linux, not Windows; you'll find common
tools, like the Firefox web browser, that you can then use to go online and do
whatever you wish to do securely, without fear of Windows malware.

The appeal is simply this: it's not Windows and nothing is stored on your
machine. While the live CD technically does have access to your hard drive,
it's typically not mounted by default and not used at all by the running
operating system.

So nothing that any potential malware might try to leave behind on your
machine will stick - reboot and it's gone. Each time that you boot from the CD,
you're starting with a completely clean slate.

While I do know of at least one person who operates this way, I personally
find this exceptionally impractical.

Starting with a clean slate on each reboot means that you can save nothing -
nothing at all - to your own computer. While that's kinda the point when it
comes to malware, it also prevents even the simplest of operations of your
own.

You can't even save a bookmark without resorting to additional online
services. You can't save a PDF that you've downloaded without once again using
some kind of additional online service, emailing it to yourself, or saving it to a USB
thumbdrive.

To my way of thinking, pulling in additional services or using a USB drive
defeats much of the purpose of having this sterile environment - it breaks the
isolation.

And if you're going to do that, then there's a much more practical and usable
approach.

A machine running Linux

A more practical approach, in my opinion, is a separate machine on which
something other than Windows (i.e. Linux) is actually installed.

If you restrict your activity on this machine to only your high-security
activities, such as your online banking needs, then you get most of the benefit
of the live CD approach, while being able to save downloaded documents,
bookmarks, and other customizations without needing to repeat them each time that you
restart the system.

In fact, it's very reasonable to include file-sharing access to other
machines on your local network so as to transfer documents to this secure
system. You might even set up an email client so that you can act on email
requests, click links, and/or use that as a way to transfer files without setting up
machine-to-machine networking.

Purists will argue that each of these "convenience-enabling" actions reduces
the absolute security of the solution ... and they're right. The live CD is in
an absolute sense more secure.

The question boils down to this: is the amount of additional security you
gain from using only a live CD worth the inconvenience? My take, naturally, is
not. In fact, I'd predict that most folks who intend to use the live CD
approach will soon abandon it. It takes a certain amount of rigor to stick with
it. If you can, great.

But for the rest of us ... we're human, and I know I'm lazy. I'd rather walk
over to the Linux machine that's all ready to go and with which I can easily
transfer files as needed.

A machine doesn't have to be a new machine, or a machine at all

When I say "separate machine" above, I don't mean to imply that you need to
go out and get another machine. You could, of course, but in reality, it could
be any of these approaches:

OK, get a new machine. If all that you're going to put on it is
Linux and all that you're going to do is online banking, it doesn't have to be
particularly powerful or have a huge hard disk. It can be inexpensive. Just be
sure to image the pre-installed copy of Windows so that you can use that on
this machine should you want to someday.

Use that old machine. You may very well have an old machine
lying around gathering dust somewhere that just isn't up to current versions of
Windows. That's perfect. Ubuntu may work well, but if not, smaller
foot-print versions of Linux, such as Puppy, are very reasonable alternatives for
this kind of operation.

Use the same machine. Consider installing Linux along side
Windows in a dual-boot configuration. You can use only one at a time and will
need to reboot to switch, but this requires no additional hardware, only disk
space.

Use a virtual machine. Don't use a separate machine at all.
Look into using virtual machine technology to run a copy of Linux within a
window on your own machine. Virtual machine technology is pretty darned close
to having a completely separate machine.

What does this all get you, anyway?

Even if you do use a dedicated machine or virtual machine, this is a bit of
work. Just what kind of "improved security" does this get you?

It boils down to two things: a smaller "attack surface" and isolation.

Smaller Attack Surface - To put it into more practical terms,
you're not using Windows. This isn't as much of a slam against Windows as it is a
recognition that it's everywhere. Because it's everywhere, Windows-based
vulnerabilities in both the OS and Windows applications are what most
malware authors target. By not running Windows for these sensitive tasks, you've
removed yourself from sights of the vast majority of online threats.

Isolation - By running on a machine dedicated to these
sensitive tasks and only these sensitive tasks, you're setting up a
barrier. Any malware that might be present or arrive on your "normal" Windows
machine won't transfer to or won't work on this isolated machine. And by
strictly restricting your activity on the secure machine, you're taking
additional steps to prevent malware from reaching it directly.

Those two seem like very simple concepts, but they each provide a
significant level of additional security.

What this doesn't get you

You still cannot let your guard down.

As Window's own security has improved over time, malware authors are
investigating other vehicles to cause problems.

Phishing is perhaps the most obvious, as it may not involve any malware at
all - it's simply an attempt to fool you into divulging sensitive information
to the wrong party. That can happen using any browser, any operating system and
any machine.

Hackers are finding that popular technologies often have exploitable
vulnerabilities. One example is as Adobe Flash, which is available on almost all
platforms. While most malware vectors through Flash are Windows-related,
there's no reason to believe that this cross-platform technology might not also
allow for cross-platform vulnerabilities.

One thing that is cross-platform are the browser and web technologies used.
Vulnerabilities in Firefox, for example, could impact all platforms and CSS
and JavaScript issues are by almost definition cross-platform.

Bottom line: keep all the software up-to-date, including that live CD you
might boot from.

Is there any hope?

I don't mean this to cause you to throw your hands up in the air in despair.
I simply want to make it clear that there is no magic bullet. Doing your online
banking in an isolated and different environment can definitely improve your
overall security, but it does not and cannot provide absolute security.

Heck, even dumping the internet and doing all your banking in person or by
mail can't even do that.

Me? I'll admit it: I don't do any of this.

I bank in Windows.

I follow all my other advice about keeping my machine secure. So far, that's
worked well for me.

While I'll admit that I probably have an above average sense of what's safe
and what's not to help guide me every day, I also ... well ...

Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.

BUT, reason i logged on here to post was that along with online banking, is a service called ZashPay, wher you can pay individuals.
It MAY already be part of your bank BillPay system.

I spent 3 hours this morning trying to figure it out.
(how to get right default account to send from, to receive to, etc)
rule #1
make separate profile email addresses for EACH BANK at which you have online banking; ZashPay does not apparently know how to reconcile an email address that is used concurrently at two separate banks.

SIMPLY, yo log on to your banks site (or else ZashPay, if your bank does not have access), select to pay a person, enter their email address; and the amount.

THEY get an email that you sent them monies; it contains their email that they wanted it sent to , and a secure transaction code; NO BANK NUMBERS are included; ZashPay ahs those housed in its database, related to the secure transaction code and email adress.

person then goes to THEIR bank site, logs on (if it has billpay), selects to GET money, they enter the email address and security code, and it gets deposited to the DEFGAULT account that you are using (I think you can first change the default, to direct hte monies)

OR, they go to ZashPay, and receive money there, to the accounts they select.

I just transferred 2.00 to myself; crashed the transaction (tried to send to same email), but then did a test of $2.50 form me at one bank, to me at another bank, and it was done in 5 minutes !

cost - metrobank, zero fee;
fulton bank, 0.50 fee
zashpay, 0.75 fee
only the sender is billed; there is no percentage fee; as you see above, the bank that the sender uses may have different fees.

hope this is of some benefit
nick

Snert
July 19, 2011 8:58 AM

My Grandpa always told me if you want to get something done the quickest and bestest easy way, hire a truely lazy man do it.

STRONG PASSWORDS!!! They won't prevent all of anything those thiefin' bastards can do, but that's a damned good start.
What's you farvorite line from "Alice in Wonder Land? What's you fave song lyric? Name three of what's on you middle shelf in your medicine cabinet? Describe what you wash first when you shower, in detail. But, most of the times, you're restricted by how many characters you can use.

Siegfried
July 19, 2011 8:58 AM

That`s al nice and dandy but wouldn`t the software "sandboxie" work just as well, with a lott less work. You can save everything you expressly want and the rest ist deleted after clicken out the sandboxie.

Interociter Operator
July 19, 2011 10:39 AM

Run your bootable linux image from a flash drive equipped with the write lock switch - (a tiny hardware switch on side - not all drives have it.)

You can set up your favorites or make changes while you are disconnected from the network, then enable the lock.

robertpri
July 19, 2011 11:46 AM

There are several things you can do for safer online banking. 1-a complicated user name, similar to a complicated pw. You do not have to use your real name. Example: b94k69#004kp.

2- use a long complicate pw--see above

3-most important--go to security section of your online bank and set maximums. Any amount deducted over $100 [usually the min] gets you an auto-email.

4-most important: set your security that NO new account or payee can be established until they send an email for you to approve, or it comes from your computer, or you approve it online with a third layer safecode, complicated number.

Mark J
July 19, 2011 2:04 PM

@Siegrfried
Here's an article previously published on Ask Leo which discusses sandboxes and VMs.

This is perhaps the most secure form of on-line banking I have ever seen and now use -
My bank issues a 'dongle' that you carry around [ say on a keychain]. You get into banking site - log in - use a strong password and then enter a number displayed on the dongle [ you don't plug it in, just read it ].
It works like this - the bank programs your dongle with an encrypted program that shows a number which changes every minute of the day [ 60 seconds ] every number appears random but is displayed using the banks unique encryption for only your account. If you get it wrong or don't put the number in, you don't get in. The number on the dongle must correspond to the banks code at that minute of every day 7/365. If you lose the dongle, no worries because whoever has it must know your name AND password as well, plenty of time to notify the bank and halt transactions then get another dongle [ with a different encrypted code ]. Knowing your password and account is usless without entering that specific number at that exact minute of the day with your dongle.
I am impressed as this is about as secure as you can possible get.

I use a live Linux (Ubuntu) flash drive when I do my banking and when I pay my credit cards (weekly). It is simple and is not an inconvenience. Ubuntu boots as fast or faster than Windows 7. I can access my Windows files from the Ubuntu desktop. Libreoffice can edit and save Excel and Word files. No virus updates or firewall grief. What more can one ask for? Leo must of had a bad day when he wrote this one.

Michael
July 19, 2011 5:52 PM

Another problem common to all operating systems is hacking of DNS. There are a number of ways that entering mybank.com into your browser takes you to a malicious website.

To know if this happens, try a browser addon such as Flagfox for Firefox which shows you the country and city of the server you are connected to.

Being able to update the browser with addons and patches is a big reason to use an updatable copy of Linux rather than a CD-R based copy. Plus, CDs are soooooo slow. My preference is to run Linux off a USB thumb drive.

Duane Ferguson
July 20, 2011 6:03 AM

I use large capacity hard drives (160 gigabytes, and 500 gigabytes) with small bootable Linux partitions for secure data recovery. I've moved from 'Puppy' Linux to 'Mint'. It's not such a big jump for Windows users to make, when loading up Mint. Reasonably quick, and secure, I'd recommend it for on-line banking etc, as you can save Internet favourites, and other documents to the hard drive, as well as have full access to documents on the 'host' Windows machine.

GREG JACKSON
July 20, 2011 10:03 AM

Excellent responses from Leo and subscribers. Good variety of answers to fit anyone's level of sophistication (or laziness). Strong PW's are the most basic and simplest. FYI: GRC provides a great PW generator https://www.grc.com/passwords.htm
I keep a shortcut on my desktop, and immediatly copy PW to an encrypted file. I usually do all security sensitive items in one brief session, then close up the encrypted file, then take a nap. zzzzz.

GREG JACKSON
July 20, 2011 10:23 AM

**with Leos permission**
Almost forgot. (somewhat off topic, but worthy of mention) On GRC's PW generator page, check out "Password Haystacks" link at the top. Find out why D0g is a stronger PW than PrXyc.N(n4k77#L!eVdAfp9. Yes, I was enlightened.
GibsonResearchCorp(GRC) is a great site for the security concerned. https://www.grc.com/default.htm

Linda
July 24, 2011 1:23 PM

I just use my IPOD

John Yendt
July 29, 2011 6:12 AM

Or, you could get a Google ChromeOS machine. The hardware verified boot makes it very difficult to defeat and, since it reboots in 8 seconds, you can reboot immediately before going to your bank site and be sure of a clean copy. The only risk is if someone gets inside your hardware and modifies the ROM verification chip, which is unlikely if it is a personal machine.

•

Comments on this entry are closed.

If you have a question, start by using the search box up at the
top of the page - there's a very good chance that
your question has already been answered on Ask Leo!.